Closed Bug 1309690 Opened 5 years ago Closed 5 years ago
Text JS plus not working with Firefox 50 .0beta due to removal of API get Usages String from ns IX509Cert
I installed the add-on but how to generate/reproduce the error?
Try to call window.crypto.signText function.
If you have a certificate, load the attached testing page, push the button, and sign the message. The result should display in an alert box.
Do I need to generate and install my own cerf in FF to test the page?
I guess you could install a self-signed certificate. You may want to try a free certificate instead, such as one from StartCom (https://www.startssl.com/).
SignTextJS also does not work in beta, 50.0b10: https://github.com/mozkeeler/signTextJS/issues/45 This add-on has 88 683 Average Daily Users. It is the only way to use crypto.signText in Firefox to sign content. Please help
Regression range: https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=de179cfc917a5b747c1a7559ad08c233e8c419f8&tochange=3d09e38954064b41dbc0a9387b5c5a205bf21e15 David Keeler — bug 1284946 - remove usages-related APIs from nsIX509Cert r=Cykesiopka,Felipe,jcj "remove usages-related APIs from nsIX509Cert nsIX509Cert provided the APIs getUsagesArray, requestUsagesArrayAsync, and getUsagesString." The add-on author needs to update his add-on to use the new API asyncVerifyCertAtTime from nsIX509CertDB. David, any advice?
Summary: signTextJS plus not working with Firefox 50.0beta, related to window.crypto → signTextJS plus not working with Firefox 50.0beta due to removal of API getUsagesString from nsIX509Cert
Javier, could you update your add-on?
(In reply to Loic from comment #7) > The add-on author needs to update his add-on to use the new API > asyncVerifyCertAtTime from nsIX509CertDB. Yep - that's right. Here's what the certificate viewer in Firefox does: https://dxr.mozilla.org/mozilla-central/rev/3f4c3a3cabaf94958834d3a8935adfb4a887942d/security/manager/pki/resources/content/certViewer.js#148 Another option would be to remove the code that does it altogether (as far as I can tell it's just for display purposes).
Hi David, how should we understand you comment? Did you mean that you would fix SignTextJS so that it could sign text in FireFox 50 (https://github.com/mozkeeler/signTextJS/issues/40 and https://github.com/mozkeeler/signTextJS/issues/45)? Or that you will not fix SignTextJS, but that hopefully JSP should fix SignTextJS Plus (https://github.com/jasp00/signTextJS/issues/1) and from FireFox 50 on only SignTextJS Plus would be the only supported extension for signing text?
bug 1083118 was closed with resolution - "use the addon in the link in the URL field" and the URL was https://addons.mozilla.org/en-US/firefox/addon/signtextjs/ does it mean that now the solution is to use this plugin: https://addons.mozilla.org/en-US/firefox/addon/signtextjs-plus/
(In reply to Petko from comment #10) > Hi David, > how should we understand you comment? Did you mean that you would fix > SignTextJS so that it could sign text in FireFox 50 > (https://github.com/mozkeeler/signTextJS/issues/40 and > https://github.com/mozkeeler/signTextJS/issues/45)? > Or that you will not fix SignTextJS, but that hopefully JSP should fix > SignTextJS Plus (https://github.com/jasp00/signTextJS/issues/1) and from > FireFox 50 on only SignTextJS Plus would be the only supported extension for > signing text? Oh, I'm sorry - I thought we were just talking about SignTextJS Plus. SignTextJS is not an officially-supported method of preserving this functionality. It was just a stop-gap measure while websites moved away from the non-standard API. If I have time, I'll update it, but I can't promise anything.
We have an entire insurance company who cannot do business today after their browsers auto-updated. Given that Firefox has yet to deliver an API that performs the job of crypto.signText, we have no option but to remain on crypto.signText in the short term. Please fix this urgently.
Version 0.8.6 works around this bug, and was released November 26. You may wait until the review process is done or download the add-on now (https://addons.mozilla.org/en-US/firefox/addon/signtextjs-plus/versions/0.8.6).
It appears https://addons.mozilla.org/en-US/firefox/addon/signtextjs-plus/versions/0.8.6 is unsigned?
(In reply to Graham Leggett from comment #15) > It appears > https://addons.mozilla.org/en-US/firefox/addon/signtextjs-plus/versions/0.8. > 6 is unsigned? Probably because the latest version is too recent, maybe signature is pending.
How can the code be available for download before the code is signed? Not understanding the workflow here.
The issue is not about the signature but the review. There are 2 steps when hosting an add-on on AMO: signing and reviewing. You can sign only your add-on and host it in another place, like your own website. signTextJS Version 0.8.6 has been signed but not reviewed.
The update has passed review on AMO now.
Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.